Site Mobile Navigation

Universities Spar Over Disappearing Electronic Messages

In less than two months after a group of University of Washington computer researchers proposed a novel system for making electronic messages “disappear” after a certain period of time, a rival group of researchers based at the University of Texas at Austin, Princeton, and the University of Michigan, has claimed to have undermined the scheme.

In July, the University of Washington team described an experimental system called “Vanish” predicated on the idea of scattering the parts of an encryption key on a publicly accessible peer-to-peer file sharing network in such a way that the key — a large number — would become unusable as pieces of it were lost from the network.

The Vanish researchers had argued that increasingly in a networked world sensitive discussions involving something like a divorce or a lawsuit threaten users’ privacy when they are archived on multiple systems. Encrypting such messages is only a partial solution, the researchers argued, because encryption systems can be broken or keys can be subpoenaed. Therefore, it is virtually impossible to reliably delete information that has been transmitted via the Internet.

The Vanish attackers have created a demonstration system they call “Unvanish” and they said they had undone the Vanish model for gradually eroding encryption keys by subverting the peer-to-peer file sharing system. Their insight was to use a single computer to masquerade as a large number of members of a file sharing network. That rogue machine would simply need to capture and store anything that looked like a Vanish key fragment. The researchers said that this was simple, as the Vanish fragments are identifiable because of their size. Later it would be possible to reconstruct a Vanish message by simply consulting the Unvanish archive.

“In our experiments with Unvanish, we have shown that it is possible to make Vanish messages ‘reappear’ long after they should have ‘disappeared’ nearly 100 percent of the time,” the researchers wrote on a Web site that describes their experiment.

According to Emmett Witchel, a U.T.-Austin computer scientist, such technical jousting matches are at the very heart of both the computer security and cryptography fields.

“The goals of the Vanish researchers are reasonable goals,” he said, “but their system is fundamentally flawed.” The scheme would not be saved by trying to mask the size of the individual fragments, he added. “It would make the attack a little bit more expensive, but it doesn’t change the basic nature of the problem.”

On Monday, the Vanish researchers responded that they had now modified their initial prototype to use multiple file sharing networks, complicating the task of an attacker.

“The newly discovered weaknesses with our initial research prototype are not an invalidation of Vanish,” said Tadayoshi Kohno, a University of Washington computer scientist.

An earlier version of this article misspelled the surname of a University of Texas-Austin computer scientist. He is Emmett Witchel, not Wichtel.